<?php

include_once("database.php");
include_once("session_start.php");

$username = $_REQUEST["UserName"];
$password = $_REQUEST["Password"];

$query ="SELECT UserId, UserName, Password, Admin FROM users WHERE UserName =? AND Password =?;";

$stmt=$db->prepare($query);
	$stmt ->bind_param('ss',$username,$password);
	$stmt -> bind_result($id,$DBusername,$DBpassword,$admin);
	$stmt -> execute();	
	$stmt -> fetch();

if($DBusername == $username && $DBpassword == $password){
	
	$_SESSION["User"] = Array(
	                       "Name"=> $DBusername,
	                       "Admin"=> $admin,
	                       "Id" => $id                      
                        );
    header('Location:index.php');
}else{
	$_SESSION["H7_Library_Message"] = "Forkert brugernavn eller password";
    header('Location:user_login.php');
}

?>